Speakers

SecTor Management and the Advisory Committee are bringing to Toronto the world's best speakers in the field of IT Security. In preparation for our 2013 conference, we are currently undertaking a Call for Speakers. Be sure you're receiving our newsletter to ensure you are notified on the speakers for 2013 as they are announced.

For a synopsis of past event speakers, we invite you to visit our Past Events page.

2013 Keynotes

G. Mark Hardy is founder and President of National Security Corporation. He has been providing cyber security expertise to government, military, and commercial clients for over 30 years, and is an internationally recognized expert who has spoken at over 250 events world-wide. G. Mark serves on the Advisory Board of CyberWATCH, an Information Assurance/Information Security Advanced Technology Education Center of the National Science Foundation. A graduate of Northwestern University, he holds a BS in Computer Science, a BA in Mathematics, a Masters in Business Administration, a Masters in Strategic Studies, and holds the GSLC, CISSP, CISM and CISA certifications.

Gene Kim is a multiple award winning CTO, researcher and author. He was founder and CTO of Tripwire for 13 years. He has written three books, including "The Visible Ops Handbook" and "The Phoenix Project: A Novel About IT, DevOps, and Helping Your Business Win." Gene is a huge fan of IT operations, and how it can enable developers to maximize throughput of features from "code complete" to "in production," without causing chaos and disruption to the IT environment. He has worked with some of the top Internet companies on improving deployment flow and increasing the rigor around IT operational processes. In 2007, ComputerWorld added Gene to the "40 Innovative IT People Under The Age Of 40" list, and was given the Outstanding Alumnus Award by the Department of Computer Sciences at Purdue University for achievement and leadership in the profession.

2013 Speakers

James Arlen, CISA, is a security consultant at Leviathan. He has been involved with implementing a practical level of information security in Fortune 500, TSE 100, and major public-sector corporations for more than 15 years. James is also a contributing analyst with Securosis, founder of the think|haus hackerspace and has a recurring column on Liquidmatrix Security Digest. Best described as: "Infosec geek, hacker, social activist, author, speaker, and parent."

Kevvie Fowler is a partner in KPMG Canada's forensic practice and is an information security and data analytics specialist. As author of SQL Server Forensic Analysis and contributing author to several security and forensics books Kevvie is a recognized advisor who supports organizations across Canada and abroad.

Kevvie also teaches database forensics to law enforcement agencies across North America and sits on the SANS GIAC Advisory Board where he guides the direction of emerging security and forensics research.

Prior to joining KPMG, Kevvie Fowler managed his own professional services company and held a security leadership position within TELUS.

Artem Harutyunyan is a Software Architect for Qualys. His responsibilities include design and development of distributed computing systems for storing and analyzing large volumes of data.

Prior to joining Qualys Artem spent several years at CERN where he worked on the development of geographically distributed large-scale Grid and cloud computing systems. Artem holds a PhD from State Engineering University of Armenia. Artem presented at Hack In the Box security conference, as well as at numerous other international scientific conferences and workshops.

Pete co-founded ISECOM, an open, non-profit, research organization with over 10,000 members, and is a security adviser for IEX, a new NY State stock exchange trading platform designed to reduce corruption in the system. He also created the Smarter Safer Better project to bring practical, usable, security awareness to the public, the OSSTMM (v.3 has about 200,000 downloads per month) and the Bad People Project. His creation the Hacker Highschool has about 250,000 downloads per month).

Ryan is a security generalist. Hailing from rural Illinois, he had plenty of time to develop his skills with a 1200-baud modem and some epic phone bills. He was a member of the primary security team at Orbitz.com and later the head of EU Information Security for sister site Ebookers.com for a combined 11+ years. These jobs exposed him to many modern security concerns, including the subject: nontrivial denial of service attacks.

A giant of a man, Gillis Jones is currently employed as a Security Consultant at Accuvant Labs. He has been engaged in web application security for the last four years, and has worked with companies to increase their security posture all the way from a Stealth Startup to a multi-million dollar business with hundreds of employees. He is the founder of the Badmin Project, and has worked with dozens of entry level security people to assist them in becoming "1337".

Software Developer, Network Security Engineer, Graduate Student of Computer Science - @MedivhMagus

Nick is currently a graduate student researching covert channel communication utilizing wireless networking protocols. He obtained his Bachelor's Degree in Computer Science, Master's Degree in Cyber Security and is currently engaged in his second Master's Degree in Computer Science. Nick holds a Security+ certification and seeks to obtain his CISSP certification at the completion of his graduate coursework. An avid cyber security advocate, Nick has volunteered as a technical mentor working with high school students competing in the CyberPatriot competition and provides network security expertise to help secure enterprise networks. In his spare time, Nick balances his studies with his family, trains for marathons, enjoys hockey, and plays broomball competitively.

Dave Lewis has over 15 years industry experience. He has extensive experience in IT operations and management. Currently, Dave works in the information security practice for Advanced Micro Devices. Dave is the founder of the popular security site Liquidmatrix Security Digest. He loves blinky lights and his beard. Prior to his current role, Dave worked in the finance, healthcare, entertainment, and critical infrastructure verticals. He has worked for a defense contractor as a security consultant to clients such as the FBI, US Navy, Social Security Administration, US Postal Service, and the US Department of Defense. His areas of interest include organizational change, social engineering, blinky lights and shiny things.

Kevin McNamee, security architect with Alcatel-Lucent, is a seasoned IT security professional with over 30 years of experience. In this role, he designed and developed a cloud based malware detection system that allows service providers to detect malware infections in their residential-customer networks and mobile devices. Previously he was director of security research with Alcatel-Lucent's Bell Labs specializing in the analysis of malware propagation and detection. Kevin has also managed product development of Milkyway's Blackhole Firewall and Timestep's IPSEC VPN product and was director of R&D for Alcatel's OmniAccess/IPSEC products. He has had several previous speaking engagements at RSA, Virus Bulletin, MAAWG and BSides.

Kellman Meghu is Head of Security Engineering (Canada and Central US) for Check Point Software Technologies Inc., the worldwide leader in securing the Internet. His background includes almost 20 years of experience deploying application protection and network-based security. Since 1996 Mr. Meghu has been involved with consultation on various network security strategies to protect ISP's in Southern Ontario as well as security audits and security infrastructure deployments for various Commercial and Governmental entities across Canada and the Central United States. Other past responsibilities have included day-to-day operational work in complex security networks, policy planning, management and documentation. Prior to joining Check Point, Mr. Meghu has held various network, VoIP and security engineering roles with European telecommunications giant Alcatel, a leading global information technology services company, Electronic Data Systems (EDS) and as a private consultant.

Like most of us, Mark has trouble writing his own bio. What he doesn't have trouble with is researching complex security problems and helping turn that research into real solutions.

Mark brings more than 15 years of experience in a variety of IT roles--from service delivery to application development to security engineering--to his work in Trend Micro's R&D group. His current focus is on cloud security and usable security systems.

Mark is an active member of the IEEE and the Consortium of Digital Forensics Specialists (CDFS). He holds a number of security certifications and an MSc in information security, specializing in digital forensics.

He can be reached online at http://markn.ca or on Twitter @marknca.

Christopher Pogue, SpiderLabs Americas, Managing Consultant.

Having served as a US Army Signal Corps Warrant Officer, he has worked on digital forensic investigations and as Cyber Security Instructor. Pogue joined the IBM Internet Security Systems (ISS) X-Force after leaving the military. As a Penetration Tester and Forensic Investigator with IBM, he performed over 300 penetration test and 50 investigations for IBM internal contracts, as well as third party customers.

In his role with SpiderLabs, Pogue leads the US based Incident Response team that performs investigations all over the United States, Central and South America, and the Caribbean Islands. He also assists local, state, and federal law enforcement agencies with cases involving digital media.

Among his many achievements, Pogue was the original creator of the forensic methodology known as Sniper Forensics, which is fast emerging as the industry standard, with users including the Federal Bureau of Investigation and the United States Secret Service. Additionally, in 2010, Pogue was named as a SANS Thought Leader. Since its introduction in 2007, only 41 security professionals have been awarded this distinction.

Pogue holds a full range of professional certifications, including: Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Reverse Engineering Analyst (CREA), SANS GIAC Certified Forensic Analyst (GCFA), and Payment Card Industry Qualified Security Assessor (QSA). He also plays a leading role in a number of industry-relevant organizations, among them the Consortium of Digital Forensics Specialists (CDFS), and United States Secret Service Electronic Crimes Task Force (USSS ECTF). Pogue is the primary author of Unix and Linux Forensic Analysis by Syngress and the author of the award winning blog,

The Digital Standard. Pogue holds a BS in Applied Management from Grand Canyon University and an MS in Information Security from Capella University, as well as an active Top Secret (TP/SSBI) clearance.

Philip cleaned out his savings at age 8 in order to buy a TI99-4A computer for the sum of $450. Two years later he learned 6502 assembly and has been hacking computers and electronics ever since. Phil currently works as a professor at a private Midwestern university. He teaches computer security and forensics. His current research focus involves use of microcontrollers and small embedded computers for forensics and pentesting. Prior to entering academia, Phil held several high level positions at well-known US companies. He holds a couple of the usual certs one might expect for someone in his position. As a result of spending too many years in school he has a few degrees in physics, math, and computer security.

Phil is also an accomplished aviator with several thousand hours of flight time. He holds 12 ratings including instructor, commerical pilot, mechanic, inspector, and avionics tech. When not working, he likes to spend time with his family, fly, hack electronics, and has been known to build airplanes.

Mike Rothman, Analyst & President, Securosis Mike's bold perspectives and irreverent style are invaluable as companies determine effective strategies to grapple with the dynamic security threatscape. Mike specializes in the sexy aspects of security, like protecting networks and endpoints, security management, and compliance. Mike is one of the most sought after speakers and commentators in the security business and brings a deep background in information security. After 20 years in and around security, he's one of the guys who "knows where the bodies are buried" in the space. Starting his career as a programmer and a networking consultant, Mike joined META Group in 1993 and spearheaded META's initial foray into information security research. Mike left META in 1998 to found SHYM Technology, a pioneer in the PKI software market, and then held senior roles at CipherTrust and TruSecure -- providing experience in marketing, business development, and channel operations for both product and services companies. After getting fed up with vendor life, he started Security Incite in 2006 to provide the voice of reason in an over-hyped yet underwhelming security industry. After taking a short detour as Senior VP, Strategy and CMO at eIQnetworks to chase shiny objects in security and compliance management, Mike joins Securosis with a rejuvenated cynicism about the state of security and what it takes to survive as a security professional. Mike published "The Pragmatic CSO" in 2007 to introduce technically oriented security professionals to the nuances of what is required to be a senior security professional. He also possesses a very expensive engineering degree in Operations Research and Industrial Engineering from Cornell University. His folks are overjoyed that he uses literally zero percent of his very expensive education on a daily basis.

Ben Sapiro is the head of Security & Contingency for The Dominion, one of Canada's oldest insurance companies. Prior to this role Ben worked as an independent consultant with Kinross Gold and other Canadian companies. Ben served as a research director at TELUS Security Labs and helped publish multiple studies on Canadian IT Security practices. Ben's a regular contributor on LiquidMatrix Security Digest and Podcast. He's also working on something else but doesn't want to talk about it just yet in case it goes horribly and he requires plausible deniability. Ben's most proud of the fact that his kid tried to re-enable Java on the wife's computer - the daycare version of p0wn-2-0wn.

Sergey Shekyan is a Senior Software Engineer for Qualys, where he is focused on development of the company's on demand web application vulnerability scanning service.

As a side interest, Sergey enjoys researching Application Layer DoS attacks and trying to fix Web browsers. Sergey holds both Masters and BS Degrees in Computer Engineering from the State Engineering University of Armenia. Sergey presented at BlackHat, H2HC, Hack in the Box, and other security conferences. Blog at http://shekyan.com

Reverse Engineer, Software Developer, Graduate Student of Computer Science - @SPLINTER_TheRAT, @Carpenter1010

Solomon is a passionate software developer and network security engineer focusing on the analysis of malware, memory management, and computer network exploitation. Solomon has devoted many hours in academia mentoring students and teaching Computer Science techniques. Regarding network security, Solomon brings experience as a previous director of Computer Intrusion Response, and network operations. Solomon provides digital forensics capabilities as well as security solutions to better prevent, detect, respond to and mitigate network penetrations and malware infections threats from large-scale enterprise networks for commercial, private, and government sectors. Solomon received his Undergraduate Degree in Computer Science and is currently pursuing Masters Degrees in Computer Science and Information Systems Engineering.

Rob VandenBrink is a consultant with Metafore in Canada, specializing in Networking, Security and Virtualization. He has large clients in manufacturing, finance and entertainment with locations in almost every time zone. He holds several industry certifications, as well as a Master's degree with the SANS Technology Institute. Rob is also an Incident Handler with the Internet Storm Center - look for Rob's posts at http://isc.sans.edu !